Skype for Business Edge and SSL decryption

Question

Has anyone had any experience configuring the BIG-IP for SSL visibility between two Skype for Business Edge Servers?  I'm inclined to think this is a non-starter.  By default, the SSL session uses ECDHE_RSA for key exchange and includes a Handshake Protocol: Certificate Verify message from the client.  
&nbsp;
Assuming that these characteristics make decrypt impossible, has anyone had success changing the ciphers used by the Edge servers?  &nbsp;

yoav_crombie_25 · Answer

What are you trying to achieve with this?
We have a product encrypting the SIP traffic on the EDGE as well as an iApp that integrates in F5 for HTTPS traffic control specifically of Skype for Business
You can read more here: skypeShield.com&nbsp;

stanislas_piro2 · Answer

Hi,&nbsp;
As I understood, even if you can offload decrypt SSL, Edge connections are not HTTPS but skype protocol over SSL on port 443.&nbsp;

Forum Discussion

Skype for Business Edge and SSL decryption

Recent Discussions

How to Renew F5 Device Certificate

F5 ASM CEF Sending Logs in Specific TimeZone

F5 looses the token for the first call

feature request: container egress service

did not show checkbox on chrome while access through f5

Related Content

Microsoft Skype for Business Server 2015

Decrypt, Encrypt, Decrypt, Encrypt, Encrypt....

Troubleshooting Lync/Skype for Business Reverse Proxy

Decrypting BIG-IP Packet Captures without iRules

Decrypting BIG-IP Packet Captures Automatically

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS